Debian virus/spy-ware detection and detection technique.
in [Debian]
|
From: Jordon Bedwell on 26 Jul 2010 19:30 On 7/26/10 4:38 PM, Boyd Stephen Smith Jr. wrote: > Not according to the relevant standards. > > 1Mb = 1 000 000 bits > 1MB = 1 000 000 bytes > 1Mib = 2 ^ 20 bits > 1MiB = 2 ^ 20 bytes > > http://en.wikipedia.org/wiki/SI_prefix > http://en.wikipedia.org/wiki/Binary_prefix > http://en.wikipedia.org/wiki/Timeline_of_binary_prefixes > http://physics.nist.gov/cuu/Units/binary.html > http://physics.nist.gov/cuu/Units/prefixes.html You need to explain to people what these values actually mean, technically both of you are right, but neither of you understand how or where you are right, apparently (not saying you do or don't, just adding apparently because it seems this way.) In memory calculations yes the following table applies AKA base-two meaning: 1 megabyte (MB) = 8,388,608 bits 1 megabit (Mb) = 1,048,576 bits 1 mebibyte (MiB) = 8,388,608 bits 1 mebibit (Mib) = 1 048 576 bits 1 megabyte (MB) = 1,048,576 bytes 1 megabit (Mb) = 131,072 bytes 1 mebibyte (MiB) = 1,048,576 bytes 1 mebibit (Mib) = 131,072 bytes The reason some major companies (that don't like to play the line of politically-correct or politically-incorrect or you're an idiot or you should learn to computer foo) switched to measuring in MiB for storage is because people think that base-two meaning is the correct measurment for storage, when according to standards yes Mega means a million (10^6). As a matter of fact, most computer scientists still readily and unreliably use base-two meaning (2^20) for measurement :/ The IEC added some terms (KiB, MiB, GiB, TiB, PiB, EiB) to ease the confusion (which nobody outside of the computer industry noticed) which does use the base 2 calculations and not base 10. So when you think hard drive, think 10^6 when you think computer memory think 2^20. When you think, blame Americans, this is one thing you truly can blame on us. -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/4C4E1826.4040203(a)envygeeks.com
From: Dotan Cohen on 26 Jul 2010 19:30 On Sat, Jul 17, 2010 at 10:06, Sthu Deus <sthu.deus(a)gmail.com> wrote: > Good day. > > I have 3 questions on virus/spy-ware detection and detection technique. > > 1. Which software (may that is even packaged for Debian) is the best at > Your opinion and why for virus/spy-ware (the software that scans for > interesting data and sends it to some host) detection? > chkrootkit > 2. What's the technique of scanning for the malicious software? - As I > can understand it should be absolutely trustworthy and at the same time > - up-to-date (the bases it uses) - so, should I have a separate HDD for > Â the goal that stands most the time separately (on a shelf), updating > Â alone in computer, then again removed and being used only as a > Â primary disk for scanning attached disks - as the secondary? Or there > Â is more easy to perform way of accomplishing this? > man chkrootkit > 3. Is it possible to scan for this very purposes (virus & spy-ware) the > distro CD/DVD -s - as it is from the media, without explicit manual > unpacking - to be sure the software is OK (in case when check sums are > not available OR it is impossible for some reasons to re-download the > images)? > man md5sum -- Dotan Cohen http://gibberish.co.il http://what-is-what.com -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/AANLkTin643bGL1GNt8bQ42TLPCGtNOPO38iKUA-oGF6n(a)mail.gmail.com
From: Rob Owens on 26 Jul 2010 21:10 On Mon, Jul 26, 2010 at 08:34:23PM +0700, Sthu Deus wrote: > Thank You for Your time and answer, Rob: > > > That's about as official > > as you can get without a Debian release manager being in charge of > > it, I guess. > > What difference does it make in sense of security? > I've had a busy week. I think we were talking about Live images of Debian Testing, right? These images are made periodically. I don't know if any particular schedule is followed. Security updates can be added via aptitude if you use "persistence". Persistence lets you save changes to your live system to a USB stick, for instance. (In fact, the whole live system can run off of a USB stick instead of a CD). All this means that security updates are the same for the normal Testing distro. Exactly what state that is in currently, I'm not sure. There is/was an official security team for Testing, but I know it had a rough period recently. I don't think timely security updates for Testing are guaranteed right now, but I could be wrong. One thing about the Debian Live systems is that the kernel cannot be upgraded via apt-get or aptitude. A new image has to be built in order to get the latest kernel. If you are asking about security in the sense of "can I trust these images", I don't have a clear answer for you. The author is a Debian developer. He has earned some degree of trust in order to get to that position. Do his live-helper packages receive scrutiny from the Debian team before being admitted into the repositories -- scrutiny that his Live images do not receive because they aren't released through official Debian channels? I don't know the answer to that. If you are concerned about that, though, you can build your own images using the live-helper package on your Debian system. You can even use a Lenny system to build a Squeeze image if you want. I know there have been some comments in another thread that you are being too paranoid. I get what you're after, though. GPG calls it web of trust. If you can't personally verify that something/somebody is trustworthy, maybe you can find somebody you trust who can verify for you. I hesitate to profess trust for things that I haven't personally verified. I've used a premade Live image before, and nothing bad happened, but I won't tell you that it is safe because I really don't know that for sure. I believe it, but I don't know it. "Trust me" is a phrase best left in the closed source world, in my opinion. -Rob
From: Andrei Popescu on 27 Jul 2010 03:10 On Lu, 26 iul 10, 21:04:12, Rob Owens wrote: > On Mon, Jul 26, 2010 at 08:34:23PM +0700, Sthu Deus wrote: > > Thank You for Your time and answer, Rob: > > > > > That's about as official > > > as you can get without a Debian release manager being in charge of > > > it, I guess. > > > > What difference does it make in sense of security? > > > I've had a busy week. I think we were talking about Live images of > Debian Testing, right? No Regards, Andrei -- Offtopic discussions among Debian users and developers: http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
From: Andrei Popescu on 27 Jul 2010 03:10
On Ma, 27 iul 10, 10:00:30, Andrei Popescu wrote: > On Lu, 26 iul 10, 21:04:12, Rob Owens wrote: > > On Mon, Jul 26, 2010 at 08:34:23PM +0700, Sthu Deus wrote: > > > Thank You for Your time and answer, Rob: > > > > > > > That's about as official > > > > as you can get without a Debian release manager being in charge of > > > > it, I guess. > > > > > > What difference does it make in sense of security? > > > > > I've had a busy week. I think we were talking about Live images of > > Debian Testing, right? > > No Oops, wrong thread... Regards, Andrei -- Offtopic discussions among Debian users and developers: http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic |